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WHAT IS CLAIMED IS: 

1 1. A method of testing a firewall comprising: 

2 transmitting at least one of a session initiation 

3 signal to initiate a communications session through said 

4 firewall and a session termination signal used to 

5 termination an established communications session; and 

6 monitoring to determine from the time of at least one 

7 transmitted signal at least one of a port opening delay 

8 which occurs in regard to opening a port in said firewall 

9 for a communications session that is being initiated and a 

10 port closing delay which occurs in regard to closing a port 

11 in said firewall when terminating an established 

12 communications session. 

1 2. The method of claim 1, further comprising: 

2 transmitting session signals at an increasing rate 

3 through said firewall to cause at least one of the opening 

4 and closing of ports in said firewall; and 

5 measuring the effect of said increasing rate of 

6 session signals on at least one of an opening and a closing 

7 delay time associated with opening a port and closing a 

8 port, respectively, in response to transmitted session 

9 signals. 

1 3. The method according to claim 1, wherein said at least 

2 one of a port opening delay and a port closing delay is a 

3 port closing delay. 



1 4. The method of claim 3, further comprising: 

2 transmitting session signals at an increasing rate 
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3 through said firewall to cause at least one of the opening 

4 and closing of ports in said firewall; and 

5 measuring the effect of said increasing rate of 

6 session signals on at least one of an opening and a closing 

7 delay time associated with opening a port and closing a 

8 port, respectively, in response to said session signals. 



1 5. The method of claim 4, further comprising: 

2 determining an average closing delay for each of a 

3 plurality of different session signaling rates. 

1 6. The method of claim 5, further comprising: 

2 generating a visual display of a graph illustrating 

3 the average closing delay for a plurality of different 

4 session signaling rates. 

1 7. ...A. method of testing a network firewall comprising: 

2 transmitting a session signal to terminate an ongoing 

3 communications session being conducted through at least one 

4 port of said firewall; and 

5 measuring a port closing delay time associated with 

6 the closing of said at least one port following the 

7 transmission of said signal to terminate said 

8 communications session. 



1 8. The method of claim 7, wherein said port closing delay 

2 is a time period which occurs between the time a signal 

3 used to cause the closing of the port is detected and said 

4 port ceases to allow communications signals to pass through 

5 from the first side of said firewall to the second side of 

6 said firewall. 
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1 9. The method according to claim 8, further comprising 

2 the steps of : 

3 transmitting test signals at said port prior to the 

4 closing of said port; and 

5 monitoring the port to determine when said test 

6 signals cease passing through said port. 

1 10. The method of claim 7, further comprising: 

2 repeating said initiating transmitting and measuring 

3 steps while increasing a rate of session signals sent to 

4 said firewall to load said firewall; and 

5 monitoring changes in port closing delay times in 

6 response to said increasing rate of session signals to 

7 determine effect of increasing levels of session signaling 

8 on closing delay times. 

1 11. The method of claim 10, further comprising: 

2 determining the level of session signaling that causes 

3 a closing delay time which exceeds a preselected maximum 

4 closing delay time. 

1 12. The method of claim 10, further comprising: 

2 determining the amount of firewall processing power 

3 required for a particular application based on an expected 

4 traffic load and said monitored information indicating the 

5 effect of session signaling of different loads on said 

6 closing delay. 



1 13. The method of claim 7, wherein said session signal is 

2 at least one of SIP and H.323 compliant signals. 
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1 14 . A method of testing a network firewall, comprising: 

2 transmitting a session signal to initiate a 

3 communications session to be conducted through said 

4 firewall; 

5 transmitting test signals to at least one port on a 

6 first side of said firewall; 

7 determining a time when said test signals first pass 

8 through said at least one port, said at least one port 

9 being opened in response to said signal to initiate a 

10 communications session; and 

11 determining a port opening delay which occurs in 

12 regard to opening a port in said firewall for said 

13 communications session from said determined time. 

1 15. The method of claim 14, wherein said port opening 

2 delay is a time period which occurs between a time a signal 

3 used to cause the port for said communications session to 

4 open is detected and said port allows a signal to pass 

5 through from the first side of said firewall to the second 

6 side of said firewall. 

1 16. The method according to claim 15, further comprising 

2 the step of : 

3 transmitting another session signal to terminate said 

4 communications session; and 

5 monitoring a port closing delay time corresponding to 

6 a port closing delay which occurs in regard to closing the 

7 port in said firewall that was opened for said 

8 communications session. 



1 17. The method of claim 16, wherein said port closing 

2 delay is a time period which occurs between the time a 
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3 signal used to cause the closing of the port is detected 

4 and said port ceases to allow communications signals to 

5 pass through from the first side of said firewall to the 

6 second side of said firewall. 

1 18. The method of claim 14, further comprising the steps 

2 of: 

3 transmitting session signals at an increasing rate 

4 through said firewall to cause at least one of the opening 

5 and closing of ports in said firewall; and 

6 measuring the effect of said increasing rate of 

7 session signals on at least one of an opening and closing 

8 delay time associated with opening and closing ports, 

9 respectively, in response to said session signals. 

1 19. The method of claim 18, wherein said session signals 

2 are at least one of SIP and H.323 compliant signals. 

1 20. A firewall test apparatus, comprising: 

2 a session signaling module for generating session 

3 signals used to initiate a communications session to be 

4 conducted through a firewall to be tested and to terminate 

5 a communications session after it has been initiated; 

6 a scanning probe generation module for generating 

7 probe signals to be directed at firewall ports; 

8 a timing synchronization module for synchronizing 

9 operation of said firewall test apparatus to at least one 

10 of an external clock source and another firewall test 

11 apparatus; and 

12 an analysis module for determining at least a port 

13 closing delay from a session signal time and a time probe 

14 signals are detected to stop passing through a port in said 
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15 firewall corresponding to an initiated communications 

16 session. 

1 21. The firewall test apparatus of claim 20, wherein said 

2 analysis module further includes means for determining at 

3 least a port opening delay from a session signal time 

4 associated with a session signal used to initiate a 

5 communications session and a time probe signals are 

6 detected to start passing through a port in said firewall 

7 corresponding to the initiated communications session. 

1 22. The firewall test apparatus of claim 21, wherein said 

2 session signaling module includes means for flooding said 

3 firewall with increasing amounts of session signal traffic 

4 used to initiate and terminate communications sessions. 

1 23. The firewall test apparatus of claim 22, wherein said 

2 analysis module includes: 

3 means for determining the effect of increasing amount 

4 of session signaling flooding said firewall on the closing 

5 delays associated with terminating existing communications 

6 sessions. 

1 24. The firewall test apparatus of claim 23, further 

2 comprising: 

3 an output device for outputting a report showing the 

4 effect of flooding said firewall with increasing amounts of 

5 session signals on the closing delays associated with 

6 terminating existing communications sessions. 

1 25. A firewall test system for testing a firewall, 
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2 comprising; 

3 a test signal generator for generating communications 

4 session initiation signals and probe signals directed at a 

5 first side of said firewall; and 

6 a test signal analyzer for detecting probe signals 

7 passing through said first side of said firewall to said 

8 second side of said firewall and for determining port 

9 closing delays as measured from the time the test signal 

10 analyzer detects a signal used to close a port in said 

11 firewall and said analyzer ceases to detect test signals 

12 passing through said firewall. 

1 26. The firewall test system of claim 25, wherein said 

2 test signal generator further includes: 

3 means for establishing a communications session 

4 through said firewall using session initiation signals 

5 prior to transmitting at least some of said probe signals. 

1 27. The firewall test system of claim 26, 

2 wherein said test signal generator includes means for 

3 synchronizing test signal generation to an outside clock 

4 source ; and 

5 wherein said signal analyzer includes means for 

6 synchronizing device operation with said outside clock 

7 source. 

1 28. The firewall test system of claim 27, wherein said 

2 test signal generator includes means for flooding said 

3 firewall with session signals which trigger the opening or 

4 the closing of ports in said firewall. 

1 29. The firewall test system of claim 28, wherein said 
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2 test analyzer further includes: 

3 means for measuring the effect of increasing the rate 

4 of session signals on port closing times following the 

5 termination of a communications session. 

1 30. A method of testing a firewall, comprising the steps 

2 of: 

3 . transmitting session signals used to control at least 

4 one of the establishment and termination of communications 

5 sessions through said firewall at an increasing rate; and 

6 measuring the effect of the increasing rate of session 

7 signals on port closing delays associated with the 

8 termination of communications sessions through said 

9 firewall. 

1 31. The method of claim 30, further comprising; 

2 determining the session signal rate which results in a 

3 maximum acceptable port closing delay being exceeded. 

1 32. The method of claim 31, wherein said transmitted 

2 session signals are at least one of SIP signals and H.323 

3 signals. 



